Software Speed Records for Lattice-Based Signatures

  • Tim Güneysu
  • Tobias Oder
  • Thomas Pöppelmann
  • Peter Schwabe
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7932)

Abstract

Novel public-key cryptosystems beyond RSA and ECC are urgently required to ensure long-term security in the era of quantum computing. The most critical issue in the construction of such cryptosystems is to achieve security and practicability at the same time. Recently, lattice-based constructions were proposed that combine both properties, such as the lattice-based digital signature scheme presented at CHES 2012. In this work, we present the first highly optimized SIMD-based software implementation of that signature scheme, targeting Intel's Sandy Bridge and Ivy Bridge microarchitectures. This software computes a signature in only 634988 cycles on average on an Intel Core i5-3210M (Ivy Bridge) processor. Signature verification takes only 45036 cycles. This performance is achieved with full protection against timing attacks.

Keywords

Post-quantum cryptography, lattice-based cryptography, cryptographic signatures, software implementation, AVX, SIMD

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Tim Güneysu (1)
  • Tobias Oder (1)
  • Thomas Pöppelmann (1)
  • Peter Schwabe (2)

  1. Horst Görtz Institute for IT-Security, Ruhr-University Bochum, Germany
  2. Digital Security Group, Radboud University Nijmegen, The Netherlands